PT-2018-9747 · Otrs · Otrs
Published
2018-06-06
·
Updated
2018-07-31
·
CVE-2018-10198
CVSS v3.1
4.3
Medium
| Vector | AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N |
Name of the Vulnerable Software and Affected Versions:
OTRS versions 6.0.x before 6.0.7
Description:
An issue was discovered that allows an attacker logged into OTRS as a customer to disclose internal article information of their customer tickets using the ticket overview screen.
Recommendations:
For OTRS versions 6.0.x before 6.0.7, update to version 6.0.7 or later to resolve the issue.
Fix
Information Disclosure
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Otrs